AWS elasticloadbalancing documentation change
Summary
Added JWT validation configuration steps for HTTPS listeners
Security assessment
Documents new security feature for JWT verification but doesn't reference any existing security issues being resolved.
Diff
diff --git a/elasticloadbalancing/latest/application/create-https-listener.md b/elasticloadbalancing/latest/application/create-https-listener.md index b47548462..b921a6239 100644 --- a//elasticloadbalancing/latest/application/create-https-listener.md +++ b//elasticloadbalancing/latest/application/create-https-listener.md @@ -51 +51 @@ Console - 6. (Optional) To add an authentication rule, select **Authenticate users** chose an identity provider, and provide the required information. For more information, see [Authenticate users using an Application Load Balancer](./listener-authenticate-users.html). + 6. (Optional) For **Pre-routing action** , select one of the following actions: @@ -53 +53,5 @@ Console - 7. For **Routing action** , select one of the following routing actions and provide the required information: + * **Authenticate user** – Choose an identity provider and provide the required information. For more information, see [Authenticate users using an Application Load Balancer](./listener-authenticate-users.html). + + * **Validate token** – Enter the JWKS endpoint, issues, and any additional claims. For more information, see [Verify JWTs using an Application Load Balancer](./listener-verify-jwt.html). + + 7. For **Routing action** , select one of the following actions: